CVE-2012-0981 PoC — phpShowtime ‘r’参数路径遍历漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2012/CVE-2012-0981.yaml

Associated Vulnerability

Title:phpShowtime ‘r’参数路径遍历漏洞 (CVE-2012-0981)
Description:phpShowtime 2.0版本中存在目录遍历漏洞。远程攻击者可利用此漏洞借助r参数中的.. (点点)，列出任意目录和图片文件。

Description

A directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. (dot dot) in the r parameter to index.php.

File Snapshot


 id: CVE-2012-0981

info:
  name: phpShowtime 2.0 - Directory Traversal
  author: daffainfo
  severit

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.